Ability to encrypt specific files

[lra]

Would be cool if Mackup could encrypt the files it synced. Would only be supported for the copy mode.

PR welcomed once the copy mode is done.

[rolandjohann]

One simple solution would be to put the files to encrypt into an zip archive with encryption enabled. We should discuss if encryption should happen on app basis or in general - resulting in a single zip file.

The other way will be to encrypt using python crypto on a file basis.

[nitrocode]

To get ready for a future PR, each application that requires encryption can also add a new param secure e.g. mackup/applications/aws.cfg

[application]
name = AWS CLI
secure = true

OTOH This feature wouldn't make sense with symlinks to a cloud drive cause then each time your terminal / iterm session is loaded, mackup will have to decrypt the files to use them. It would make more sense if you can tar up all of your settings in an encrypted password protected tar file.

$ mackup backup --encrypt
Password: 
Your mackup file has been encrypted and placed in ~/Dropbox/mackup-encrypted-12072017.tar.gz

Then on the second computer

$ mackup restore --decrypt --file ~/Dropbox/mackup-encrypted-12072017.tar.gz
Password: 

But then updating these files and keeping them in sync may be a pain...

[qrevel]

I don' t think there should be any archive involved here. The idea of adding a secure param is great.

Mackup could let the plain text file in its current location and only keep the encrypted in the storage backend.

The only caveat is to run mackup backup when the text file changes.

[ndbroadbent]

This would be awesome! Has anyone started working on this?

In the meantime, I'm using this simple dropbox_backup bash script to compress and encrypt some specific directories (such as my SSH keys in ~/.ssh).

[lougreenwood]

for encrypted files, I use dotbot and transcrypt